<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">+1 for 3DES. And also prioritizing AES128 over AES256 in suite B for the same reason. This saves approx. 40% cpu cycles, and 128-bit security still has lots of reserve.<div><br></div><div>- Rainer<br><div><div>Am 05.01.2014 um 16:55 schrieb Aaron Zauner <<a href="mailto:azet@azet.org">azet@azet.org</a>>:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr">Hi Kurt,<div><br></div><div>That is true, the issue being that some software and hardware platforms do not support RSA keys above 2048bit as of now.</div><div><br></div><div>I mean - I do not really have an issue with discussing to put 3DES in there. We were a bit time restricted to do our research (i.e. we limited ourselves to certain ciphers) and since this is still in draft stage we're able to change things like that.</div>
<div><br></div><div>Input from anyone else on the list?</div><div><br></div><div>Thanks,</div><div>Aaron</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sun, Jan 5, 2014 at 4:27 PM, Kurt Roeckx <span dir="ltr"><<a href="mailto:kurt@roeckx.be" target="_blank">kurt@roeckx.be</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On Fri, Jan 03, 2014 at 12:19:10AM +0100, Aaron Zauner wrote:<br>
><br>
> > 3DES isn't broken.<br>
> Triple DES provides about 112bit security (We've a section on the topic in the Paper in the Keylenghts section). All ciphers that we<br>
> recomend are at least at 128bit security.<br>
<br>
</div>The document doesn't seem to say that it's trying to reach a 128<br>
bit security level over the whole chain. It seems to be happy<br>
with 2048 bit RSA keys. They also provide 112 bit security.<br>
<br>
If you really want to go for 128 bit, you need to have the RSA<br>
keys of at least something in the order of 3072 bit. If 2048<br>
is fine, 3DES is fine.<br>
<span class="HOEnZb"><font color="#888888"><br>
<br>
Kurt<br>
<br>
</font></span></blockquote></div><br></div>
_______________________________________________<br>Ach mailing list<br><a href="mailto:Ach@lists.cert.at">Ach@lists.cert.at</a><br><a href="http://lists.cert.at/cgi-bin/mailman/listinfo/ach">http://lists.cert.at/cgi-bin/mailman/listinfo/ach</a><br></blockquote></div><br></div></body></html>